autofs maps in samba4
chris.lahti at schoonerinfotech.com
Fri Apr 9 18:22:45 MDT 2010
Fantastic, I look forward to your blog entry on how to get this going with Samba4. Regarding linux/macOS-X authentication, is there any reason not to use Kerberos? I am compiling samba4 now to test some things, what is the URL of your blog? Also regarding Windows 7 clients, why are you doing generic Kerberos auth against samba4 kdc? Would you not just join them to the samba4 domain?
From: Bernd Markgraf [mailto:bernd.markgraf at med.ovgu.de]
Sent: Friday, April 09, 2010 3:26 PM
To: Chris Lahti
Cc: samba-technical at lists.samba.org
Subject: Re: autofs maps in samba4
I just added the necessary attributes and objectclasses to a Samba4
LDAP-server today (and filed a bug report/feature request to add that
for future releases).
So this is possible and works nicely here on my systems. I'm running
Solaris instead of Linux though. Should work on Linux in a similar way.
The short version is to run oLschema2ldif in order to convert your
OpenLdap schema to something Samba4 understands (MS AD-like LDIF).
Add the resulting LDIF to your DIT using ldapadd and create your maps.
That Samba4 DC is also used to do kerberos authentication for W7 clients
and the Solaris machines (Kerberos+LDAP). So far it works quite nice.
But since I only started about a week ago I still have a few minor
details to work on (complete the mapping of all LDAP attributes to
proper Unix meanings etc.) Keep in mind that Samba4 uses the MS AD
schema, so for your Linux clients you will need some mappings (like
homedirectory on the unix side vs unixhomedirectory in the AD-style
I'll write up all the details in the next few days and put them on my
More information about the samba-technical